package com.cqeec.gams.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

public class UserLoginVerification implements HandlerInterceptor {

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {
		// 验证用户是否登录
		HttpSession session = request.getSession();
		Object obj = session.getAttribute("account");
		if (obj == null) {
			// 用户没有登录
			response.sendRedirect(request.getContextPath() + "/login.html");
		} else {
//			// 已登录，验证用户权限
//			obj = session.getAttribute("userPermission");
//			if (obj == null) {
//				response.sendRedirect(request.getContextPath() + "/error/401.html");
//				return false;
//			} else {
//				List<String> userPermission = (List<String>) obj;
//				String uri = request.getRequestURI().replace(request.getContextPath() + "/", "");
//				if (userPermission.contains(uri)) {
//					// 拥有此权限
//					return true;
//				} else {
//					// 没有此权限
//					response.sendRedirect(request.getContextPath() + "/error/401.html");
//					return false;
//				}
//			}
		}
		return true;
	}

	@Override
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
			ModelAndView modelAndView) throws Exception {
	}

	@Override
	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
			throws Exception {
	}

}
